Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course,
available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest
high-quality content, which is written by professional journalists,
with the help of editors, graphic designers, and our site production
and I.T. staff, as well as many other talented people who work around the clock
for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or
to simply disable your Ad Blocker while visiting this site.

The world's largest PC maker, Lenovo, is in the international hot seat for shipping laptops pre-installed with a virus-like software that puts customers in the line of hacker fire, according to one security researcher.

Since June, Lenovo customers have been reporting a program called Superfish, software that automatically displays advertisements in the name of helping consumers find products online, said Robert Graham, CEO of security research firm Errata Security.

Superfish is designed to intercept all encrypted connections and leaves the door open for NSA-style spies to hack into PCs through man-in-the-middle attacks, he said.

"The company claims it's providing a useful service, helping users do price comparisons. This is false. It's really adware," Graham wrote in a blog post. “They don't even offer the software for download from their own Web site. It's hard Googling for the software if you want a copy because your search results will be filled with help on removing it. The majority of companies that track adware label this as adware.”

What Does Superfish Really Do?

Lenovo acknowledged the problem and said it has removed Superfish from its consumer PCs "until such time as Superfish is able to provide a software build that addresses these issues." Lenovo also requested Superfish auto-update a fix that addresses these issues. Superfish could not immediately be reached for comment.

"To be clear, Superfish comes with Lenovo consumer products only and is a technology that helps users find and discover products visually," Lenovo said in its forum. "The technology instantly analyzes images on the Web and presents identical and similar product offers that may have lower prices, helping users search for images without knowing exactly what an item is called or how to describe it in a typical text-based search engine."

The PC maker described, in great detail, the functionality of Superfish to assure customers that it’s not serving results based on user behavior and that it does not profile or monitor user behavior or record user information.

"It does not know who the user is. Users are not tracked nor re-targeted," Lenovo said. "Every session is independent. When using Superfish for the first time, the user is presented the terms of user and privacy policy, and has option not to accept these terms, i.e., Superfish is then disabled."

Watch Out for PUPs

We caught up with Adam Kujawa, head of malware Intelligence at anti-malware and Internet security software firm Malwarebytes, to get his thoughts on Superfish and programs like it. He predicted late last year that adware would behave more and more like viruses.

Kujawa told us potentially unwanted programs, or PUPs as they are known in the security research world, are nuisances to the modern user because of their high requirements for system resources and constant bombardment of advertising.

"However, we have seen numerous instances of PUPs actually going a step further and installing near-malicious and full-malicious software on the host system," Kujawa said. "This trend may very well become more prevalent in the coming year as the war against junk software leads some developers to dabble in illegal activities to make a profit."